This script is Copyright (C) 2013 Tenable Network Security, Inc.

The remote Amazon Linux AMI host is missing a security update.

A NULL pointer dereference flaw was found in the Linux kernel's ftrace
and function tracer implementations. A local user who has the
CAP_SYS_ADMIN capability could use this flaw to cause a denial of

The (1) key_notify_sa_flush and (2) key_notify_policy_flush functions
in net/key/af_key.c in the Linux kernel before 3.10 do not initialize
certain structure members, which allows local users to obtain
sensitive information from kernel heap memory by reading a broadcast
message from the notify interface of an IPSec key_socket.

The ip6_sk_dst_check function in net/ipv6/ip6_output.c in the Linux
kernel before 3.10 allows local users to cause a denial of service
(system crash) by using an AF_INET6 socket for a connection to an IPv4

net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote
attackers to cause a denial of service (NULL pointer dereference and
system crash) or possibly have unspecified other impact via an
auth_reply message that triggers an attempted build_request operation.
Run 'yum update kernel' to update your system.
Risk factor : High / CVSS Base Score : 7.8